@cft Disclaimer: I don't really know what i'm talking about when it comes to crypto.

• ssb does transport encryption at a different layer of the stack, not directly on the (cbor) message data
• signing also needs to account for meta data, which will not be in cbor
• encrypted messages completely anonymize the recipients, I don't think COSE supports that. But these are probably the use case most likely to benefit from COSE.
• in general, mechanisms for upgrading crypto primitives are handled via multiformats

I will definitely do a thorough read-through of the COSE spec when starting to flesh out metadata formats. But for the reasons listed above, I does not look like we can "just use COSE" directly.